"In order to be successful, we have to get our minds away from the devices. Because with our attorneys, their kids are touching the devices, their golf buddies are touching the devices," he said.

The fear of mobile devices in the workplace is actually a bit of a case of deja vu, said Bill Gregory, head of global information management for Hogan Lovells. He remembers that it was not so long ago when corporate IT teams scoffed at the notion of the PC becoming a cornerstone of the enterprise.

"Corporate IT folks thought PCs were the worst possible toy that could be part of an enterprise structure," Gregory said. "I think that time has changed and we're in that position again 30 years later."

Gillman and his IT team support more than 225 lawyers across six locations in California. They're mostily an iOS shop (70 percent) with small contingents of BlackBerry (20 percent) and Android (10 percent) users.

Gillman's way of dealing with BYOD is to maintain open lines of communication with his attorneys and seeking new ways to serve his attorneys. If they're needs aren't being met with enterprise tools and they're turning to consumer products instead, he wants to understand what it is they value in the consumer solution and make it available as an enterprise option within the firm, Gillman said.

He used the growing use of cloud-based storage provider Dropbox as an example.

"How do you handle the Dropbox issue? The firm finds a more secure platform and gives it to them to use," Gillman said.

What Does Security Mean in a BYOD World?

One of the biggest dilemmas IT managers have to resolve when it comes to BYOD is that of security. When a device is partly owned by the employee and partly owned by the company, how much control does the enterprise really have over the device?

Can an IT worker make the decision to wipe a device if it's infected with malware? Even if it means wiping out years of personal photos of the employee's children and loved ones?

The key is moving the focus away from securing the device to securing the company's information on the employee's device, Gillman said.

"What are we really trying to protect? It's not the device. It's the [company's] information on the devices," he said.

Furthermore, the greatest risk isn't always the device or the network, but rather the person controlling and using the device.

"Our people are the greatest risk. We can deploy the greatest security technologies but it's our people who can let them in the door," Meltzer said.

Besides, the red flags raised about security on mobile devices don't always seem to be followed in non-computing scenarios.

"All you have to do is go to a cocktail party with the partners and you'll hear more confidential information than you would ever see coming from the [firm's] data," Gillman said.

Education and awareness are two key elements to launching a successful BYOD initiative and promoting mobile security in any law firm, the panel said. Users should understand what kind of data they can and can't transmit on their tablets and smartphones and recognize the risks they take when using certain apps in certain situations.

But it doesn't always have to be the IT team doing the educating, Gillman said.

"Oftentimes, practice leaders or general counsel can do a much more cohesive job working those issues out if we give them the information they need," he said.